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- The MAILING DATE of this communication appears on the cover sheet with the correspondence ac 
Period for Reply 
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A SHORTENED STATUTORY PERIOD FOR REPLY IS SET TO EXPIRE 3 MONTH(S) OR THIRTY (30) DAYS, 
WHICHEVER IS LONGER, FROM THE MAILING DATE OF THIS COMMUNICATION. 

- Extensions of time may be available under the provisions of 37 CFR 1.136(a). In no event, however, may a reply be timely Hied 
after SIX (6) MONTHS from the mailing date of this communication. 

- If NO period for reply is specified above, the maximum statutory period will apply and will expire S IX (6) MONTHS from the mailing date of this communication. 

- Failure to reply within the set or extended period for reply will, by statute, cause the application to become ABANDONED (35 U.S.C. § 133). 
Any reply received by the Office later than three months after t he mailing date of this communication, even if timely filed, may reduce any 
earned patent term adjustment. See 37 CFR 1.704(b). 

Status 

1)13 Responsive to communication(s) filed on 26 October 2007 . 
2a)D This action is FINAL. 2b)S This action is non-final. 

3) D Since this application is in condition for allowance except for formal matters, prosecution as to the merits is 

closed in accordance with the practice under Ex parte Quayle, 1935 CD. 11, 453 O.G. 213. 

Disposition of Claims 

4) E3 Claim(s) 1-88 is/are pending in the application. 

4a) Of the above claim(s) is/are withdrawn from consideration. 

5) D Claim(s) is/are allowed. 

6) E] Claim(s) 1-88 is/are rejected. 

7) Q Claim(s) is/are objected to. 

8) D Claim(s) are subject to restriction and/or election requirement. 

Application Papers 

9) D The specification is objected to by the Examiner. 

10)D The drawing(s) filed on is/are: a)D accepted or b)D objected to by the Examiner. 

Applicant may not request that any objection to the drawing(s) be held in abeyance. See 37 CFR 1.85(a). 

Replacement drawing sheet(s) including the correction is required if the drawing(s) is objected to. See 37 CFR 1.121(d). 
1 !)□ The oath or declaration is objected to by the Examiner. Note the attached Office Action or form PTO-152. 

Priority under 35 U.S.C. § 119 

1 2)D Acknowledgment is made of a claim for foreign priority under 35 U.S.C. § 1 1 9(a)-(d) or (f). 
a)D All b)D Some * c)D None of: 

1 .□ Certified copies of the priority documents have been received. 

2. Q Certified copies of the priority documents have been received in Application No. . 

3. Q Copies of the certified copies of the priority documents have been received in this National Stage 

application from the International Bureau (PCT Rule 17.2(a)). 
* See the attached detailed Office action for a list of the certified copies not received. 
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DETAILED ACTION 

1. Claims 1-88 pending. 

2. The IDS filed 8/2/2007 has been seen and considered by the examiner. 

3. Below, Examiner has pointed out particular references contained in the prior 
art(s) of record in the body of this action for the convenience of the applicant. Although 
the specified citations are representative of the teachings in the art and are applied to 
the specific limitations within the individual claims, other passages and figures may 
apply as well. Applicant should consider the entire prior art as applicable as to the 
limitations of the claims. It is respectfully requested from the applicant, in preparing the 
response, to consider fully each reference in its entirety as potentially teaching all or 
part of the claimed invention, as well as the context of the passage as taught by the 
prior arts or disclosed by the examiner. 

Continued Examination Under 37 CFR 1.114 

1 . A request for continued examination under 37 CFR 1.114, including the fee set 
forth in 37 CFR 1 .17(e), was filed in this application after final rejection. Since this 
application is eligible for continued examination under 37 CFR 1.1 14, and the fee set 
forth in 37 CFR 1 .17(e) has been timely paid, the finality of the previous Office action 
has been withdrawn pursuant to 37 CFR 1.114. Applicant's submission filed on 
1 0/26/2007 has been entered. 
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Double Patenting 



1 . The nonstatutory double patenting rejection is based on a judicially created 
doctrine grounded in public policy (a policy reflected in the statute) so as to prevent the 
unjustified or improper timewise extension of the "right to exclude" granted by a patent 
and to prevent possible harassment by multiple assignees. A nonstatutory 
obviousness-type double patenting rejection is appropriate where the conflicting claims 
are not identical, but at least one examined application claim is not patentably distinct 
from the reference claim(s) because the examined application claim is either anticipated 
by, or would have been obvious over, the reference claim(s). See, e.g., In re Berg, 140 
F.3d 1428, 46 USPQ2d 1226 (Fed. Cir. 1998); In re Goodman, 1 1 F.3d 1046, 29 
USPQ2d 2010 (Fed. Cir. 1993); In re Longi, 759 F.2d 887, 225 USPQ 645 (Fed. Cir. 
1985); In re Van Ornum, 686 F.2d 937, 214 USPQ 761 (CCPA 1982); In re Vogel, 422 
F.2d 438, 164 USPQ 619 (CCPA 1970); and In re Thorington, 418 F.2d 528, 163 
USPQ 644 (CCPA 1969). 

A timely filed terminal disclaimer in compliance with 37 CFR 1.321(c) or 1.321(d) 
may be used to overcome an actual or provisional rejection based on a nonstatutory 
double patenting ground provided the conflicting application or patent either is shown to 
be commonly owned with this application, or claims an invention made as a result of 
activities undertaken within the scope of a joint research agreement. 

Effective January 1 , 1994, a registered attorney or agent of record may sign a 
terminal disclaimer. A terminal disclaimer signed by the assignee must fully comply with 
37 CFR 3.73(b). 



2. Claims 1-9, 21-29, 41-49, and 61-77 are provisionally rejected on the ground of 
nonstatutory obviousness-type double patenting as being unpatentable over Claims 1-9, 
20-28, 39-47, 58-74 of copending Application No. 10/687217, hereafter "217". Although 
the conflicting claims are not identical, they are not patentably distinct from each other 
because they either recite a concomitance of the claim features, or they are obvious 
modifications. 
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3. Claims 1, 21, 41, and 61 of the instant application correspond to Claims 1 , 20, 
39, and 58 of '217 respectively. The limitations of the instant application are 
encompassed by '217 as follows: 

• A method for digital content access control, comprising: determining on a 
user device, digital content to be made accessible via a rights locker 
(instant application) corresponds directly to A method for digital content access 
control, comprising: determining, on a user device, digital content to be made 
accessible via a rights locker comprising an entity, different from said user device 
C217). 

• determining on said user device, enrollment authentication data (instant 
application) corresponds directly to determining on said user device, enrollment 
authentication data for use by a rights locker provider C217). 

• sending, from said user device to a rights locker provider over a 
network, a rights locker enrollment request to said rights locker 
provider, said rights locker enrollment request comprising a digital 
content request and said enrollment authentication data (instant 
application) corresponds directly to sending, from said user device to said 
rights locker provider for the rights locker, a rights locker enrollment request 
comprising a digital content request and said enrollment authentication data 
C2l 7 ). 

• receiving, on said user device from said rights locker provider over 
said network, one or more authenticated rights locker access requests 
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in response to said sending, said one or more authenticated rights 
locker access requests for subsequent use in accessing digital content 
associated with said rights locker (instant application) corresponds 
directly to receiving, on said user device, an authenticated rights locker access 
request in response to said sending, said authenticated rights locker access 
request for subsequent use in accessing digital content associated with said 
rights locker ( ^217). 
• receiving, on said user device from a user of said user device, an 
indication of a selection of one of said one or more authenticated 
rights locker access requests; sending, from said user device, said 
authenticated rights locker access request to a rights locker provider; 
and receiving, on said user device, a result in response to said sending 
said authenticated rights locker access request (instant application) 
would have been an obvious next step in x 217. It is well known in the art to select 
a desired content to access and receiving said content in response. 

4. Claims 2-9, 22-29, 42-49, and 62-77 of the instant application correspond 
directly to Claims 2-9, 21-28, 40-47, and 59-74 of *217 respectively. 



5. This is a provisional obviousness-type double patenting rejection because the 
conflicting claims have not in fact been patented. 
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6. Claims 10-20, 30-40, 50-60, and 78-88 are rejected on the ground of 
nonstatutory obviousness-type double patenting as being unpatentable over Claims 1- 
11, 22-32, 43-53, and 64-74 of copending Application No. 10/687415, hereafter "415". 
Although the conflicting claims are not identical, they are not patentably distinct from 
each other because they either recite a concomitance of the claim features, or they are 
obvious modifications. 

7. Claims 10, 30, 50, and 78 of the instant application correspond to Claims 1 , 22, 
43, and 64 of '415 respectively. The limitations of the instant application are 
encompassed by '217 as follows: 

• A method for digital content access control, comprising: receiving, by 
a rights locker provider, a rights locker enrollment request from a 
user device associated with a user, said rights locker enrollment 
request comprising a digital content request and enrollment 
authentication data (instant application) corresponds directly to A method 
for digital content access control, comprising: receiving, by a rights locker 
provider, a rights locker enrollment request from a user device associated with 
a user, said rights locker enrollment request comprising a digital content 
request and enrollment authentication data C415)- 

• determining, by said rights locker provider, whether said user is 
authorized, said determining comprising deterniining the rights of 
said user to access said rights locker and the rights of said user to 
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digital content specified by said digital content request (instant 
application) corresponds directly to determining, by said rights locker 
provider, whether said user is authorized using said enrollment authentication 
data, said determining comprising determining rights of said user to digital 
content specified by said digital content request wherein said rights locker 
provides (i)a description of a user's access rights for digital content; and (2) 
controlled access to said description C415). 

• wherein upon said determining finding said user is authorized, 
initializing, by said rights locker provider, said rights locker with 
rights to said digital content (instant application) corresponds directly to 
if said user is authorized, initializing, by said rights locker provider, said rights 
locker with rights to said digital content C 415). 

• obtaining, by said rights locker provider, one or more tokens that 
authenticate future access to a rights locker corresponding to said 
digital content (instant application) corresponds directly to obtaining, by 
said rights locker provider, a new token that authenticate future access to said 
rights locker corresponding to said digital content C415)- 

• creating, by said rights locker provider, one or more authenticated 
rights locker access requests based at least in part on said one or 
more tokens (instant application) corresponds directly to creating, by said 
rights locker provider, one or more authenticated rights locker access request 
based at least in part on said new token ( s 4is). 
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• sending, by said rights locker provider to said user device over a 
network, said one or more authenticated rights locker access requests 
(instant application) corresponds directly to sending, by said rights locker 
provider, said authenticated rights locker access request over a network to said 
user device ("415). 

• receiving, by said rights locker provider from said user device over 
said network, an indication of a user selection of one of said one or 
more authenticated rights locker access requests; and accessing the 
contents of said rights locker according to a type of said rights token 
associated with said user selected one of said one or more 
authenticated rights locker access requests would have been an obvious 
next step in * 415. It is well known in the art to select a desired content to access 
and receiving said content in response. 

8. Claims 11-20, 31-40, 51-60, and 79-88 of the instant application correspond 
directly to Claims 2-1 1 , 23-32, 44-53, and 65-74 of '415 respectively. 

Claim Rejections - 35 USC § 103 

1 . The following is a quotation of 35 U.S.C. 103(a) which forms the basis for all 
obviousness rejections set forth in this Office action: 



(a) A patent may not be obtained though the invention is not identically disclosed or described as set 
forth in section 102 of this title, if the differences between the subject matter sought to be patented and 
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the prior art are such that the subject matter as a whole would have been obvious at the time the 
invention was made to a person having ordinary skill in the art to which said subject matter pertains. 
Patentability shall not be negatived by the manner in which the invention was made. 



2 Claims 1-3, 6, 10-12, 15, 21-23, 26, 30-32, 35, 41-43, 46, 50-52, 55, 61- 
63, 66-74, 78-80, and 83 are.-rejected under 35 U.S.C. 103(a) as being unpatentable 
over Buhse et al. (US 2004/0024652), hereafter "Buhse" in view of Murphy et al. (US 
6,226,744), hereafter "Murphy". 



3. Considering Claims 1, 21, 41, and 61, Buhse discloses a method for digital 

content access control (Fig. 6A, Fig. 6B, [0002]), comprising: determining, on a 
user device, digital content to be made accessible via a rights locker (Fig. 6B, 
[0048]); determining, on said user device, enrollment authentication data 
([0165], [0171]); sending, from said user device to a rights locker provider over a 
network, a rights locker enrollment request to a rights locker provider (Fig. 6B, 
[0164], [0171]); said rights locker enrollment request comprising a digital 
content request and said enrollment authentication data ([0048], [0052], [0164], 
[0171]); receiving, on said user device from said rights locker provider over said 
network, an indication of a selection of one of said one or more authenticated 
rights locker access requests ([0077H0079], [0091])); sending, from said user 
device to a rights locker provider over said network, said authenticated rights 
locker access request to a rights locker provider ([0091]); and receiving, on said 
user device from said rights locker provider, in response to said sending said 
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selected authenticated rights locker access request, a result including at lease an 
authenticated digital content request ([0054], [0063]). 



Buhse does not explicitly disclose receiving, on said user device, one or more 
authenticated rights locker access requests in response to said sending, said one 
or more authenticated rights locker access requests for subsequent use in 
accessing digital content associated with said rights locker. Buhse does suggest 
subscriptions which would implicitly define a one time only authentication 
([0132H0135]). 



Murphy discloses receiving, on said user device, one or more authenticated rights 
locker access requests in response to said sending (column 5- lines 55-60), said 
one or more authenticated rights locker access requests for subsequent use in 
accessing digital content associated with said rights locker (column 7- lines 26- 
28, column 6- lines 56-61), sending, from said user device, said authenticated 
rights locker access request to a rights locker provider (column 3- lines 35-36). 



Therefore, it would have been obvious to one of ordinary skill in the art at 
the time the invention was made to modify the teachings of Buhse by 
authenticated rights locker enrollment requests (i.e. tokens) for subsequent use 
in accessing digital content as taught by Murphy in order to provide a user with a 
system that requires authentication only once (Murphy- column 6- lines 56-60). 
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4. Considering Claims 10, 30, 50, and 78, the combination of Buhse and Murphy 
discloses a method for digital content access control (Buhse- Fig. 6A, Fig. 6B, 
[0002]), comprising: receiving, by a rights locker provider, a rights locker 
enrollment request from a user device associated with a user (Buhse- [0165], 
[0171]), said rights locker enrollment request comprising a digital content request 
and enrollment authentication data (Buhse- [0048], [0052], [0164], [0171]); 
determining, by said rights locker provider, whether said user is authorized 
(Buhse- [0061], Murphy- column 6- lines 43-60), said determining comprising 
determining the rights of said user to access said rights locker and the rights of 
said user to digital content specified by said digital content request (Buhse- 
[0079], Murphy- column 6- lines 1-7); wherein upon said determining finding 
said user is authorized, initializing, by said rights locker provider, said rights 
locker with rights to said digital content (Buhse- [0091]); obtaining, by said 
rights locker provider, one or more tokens that authenticate future access to a 
rights locker corresponding to said digital content (Murphy- column 5- lines 55- 
60, column 6- lines 56-61); creating, by said rights locker provider, one or more 
authenticated rights locker access requests based at least in part on said one or 
more tokens (Murphy- column 5- lines 55-60); sending, by said rights locker 
provider to said user device over a network, said one or more authenticated rights 
locker access requests (Murphy- column 3- lines 35-36); receiving, by said rights 
locker provider from said user device over said network, an indication of a user 



Application/Control Number: Page 12 

10/687,488 

Art Unit: 2135 

selection of one of said one or more authenticated rights locker access requests 
(Buhse- [0048], [0056]); and accessing the contents of said rights locker 
according to a type of said rights token associated with said user selected one of 
said one or more authenticated rights locker access requests (Buhse- [0091], 
Murphy- column 7- lines 22-28, accessing, by said rights locker provider, content 
based on the SSN is shown, it is also shown that this could be done using tickets, 
certificates, or keys which can be read as tokens). 

5. Considering Claims 2, 11, 22, 31, 42, 51, 62, and 79, the combination 
discloses digital content request comprises a request for initializing said rights 
locker with rights to specified digital content (Buhse- [0154H0161], Murphy- 
column 3, lines 35-36). 

6. Considering Claims 3, 12, 23, 32, 43, 52, 63, and 80, the combination 
discloses enrollment authentication data comprises: rights locker access 
authentication data for determining what rights, if any, a user of said user device 
has to access said rights locker; and rights content access authentication data for 
determining what rights, if any, said user has to digital content associated with 
said rights locker (Buhse- [0154H-161], Murphy- column 6, lines 43-47)- 
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7. Considering Claims 4, 13, 24, 33, 44, 53, 64, and 81, the combination 
discloses rights locker access authentication data comprises payment for use of a 
rights locker service (Buhse- [0157H0159]). 

V 

8. Considering Claims 5, *4> 25, 34, 45, 54, 65, and 82, the combination 
discloses rights content access authentication data comprises payment for rights 
deposited in said rights locker (Buhse- [0157H0159]). 

9. Considering Claims 6, 15, 26, 35, 46, 55, 66, and 83, the combination 
discloses enrollment authentication data comprises a reenrollment key 
determined in a previous enrollment request for said rights locker, said 
reenrollment key for supplementing or replacing enrollment authentication data 
of said previous enrollment request (Buhse- [oi23-[oi3i], Murphy- column 6, 
lines 56-61, column 7, lines 22-28). 

10. Considering Claims 7, 18, 27, 38, 47, 58, 75, and 86, the combination 
discloses storing at least part of said one or more authenticated rights locker 
access requests in a bookmark on said user device (Buhse- [0181H0190]). 



11. Considering Claims 16, 36, 56, and 84, the combination discloses determining 
comprises determining whether said user is entitled to become an enrolled user 
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based at least in part on whether payment for use of the rights locker service 
succeeds (Buhse- [oi57Hoi59])- 

12. Considering Claims 17, 37, 57, and 85, Murphy does not disclose determining 
whether an enrolled user is entitled to populate said rights locker with rights to 
said digital content based at least in part on whether payment for said rights 
succeeds (Buhse- [0157H0159]). 

13. Considering Claim 67, the combination of discloses apparatus comprises a 
smart card (Murphy- abstract, lines 1-5). 

14. Considering Claims 68-74, the combination does not explicitly disclose a wide 
range of different types of smart cards. 

Murphy does suggest a smart card is a device that is typically the size of a credit 
card, having a microprocessor and limited storage memory (column 2, lines 46- 
48). 

Therefore, Official Notice is taken that it would have been obvious at the 
time of the invention to use the combination with the wide range of different 
types of smart cards for the benefit of having a system that is usable on a wide 
variety of designs and platforms. 
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15. Claims 8, i9, 28, 39, 48, 59, 76, and 87 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Buhse and Murphy in view of Steven W. Disbrow. 
Use cookies to maintain state in Web applications. Active Server 
Developer's Journal. Louisville: Sep 2000. Vol. 4. Iss. 9; pg. 7, 3 pgs. 

Hereafter "Disbrow." 

16. Considering Claims 8, 19, 28, 39, 48, 59, 76, and 87, the combination does 
not explicitly disclose one or more authenticated rights locker access requests are 
embedded in a Web cookie. 

Disbrow discloses one or more authenticated rights locker access requests are 
embedded in a Web cookie (Full Text, II 3, lines 2-4). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time the invention was made to modify the combination by using cookies to 
imbed personal information as taught by Disbrow for the benefit of remembering 
a particular visitor so that forms he filled out, selections and preferences he 
made, and other personalized information wouldn't have to be re-entered each 
time he visited the site (Disbrow- Full Text, 11 3, lines 2-4) 
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17. Claims 9, 20, 29, 40, 49, 60, 77, and 88 are rejected under 35 U.S.C. 103(a) 
as being unpatentable over Buhse and Murphy in view of Weissman (US 
2002/0156905), hereafter "Weissman." 

18. Considering Claims 9, 20, 29, 40, 49, 60, 77, and 88, the combination does 
not disclose one or more authenticated rights locker access requests are 
encapsulated in an HTTP Response message. 

Weissman discloses one or more authenticated rights locker access 

requests are encapsulated in an HTTP Response message ([0035] lines 10-22, 

[0036]). 

Therefore, it would have been obvious to one of ordinary skill in the art at 
the time the invention was made to modify the combination by encapsulating 
user authentication information in a http response message as taught by 
Weissman for the benefit of appending authentication credentials stored in the 
logon database and other information extracted from the previously received 
HTTP responses. 
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Response to Arguments 

1 . Applicant's arguments with respect to the independent Claims have been 
considered but are moot in view of the new ground(s) of rejection. 

Conclusion 

l. Any inquiry concerning this communication or earlier communications from the 
examiner should be directed to Randal D. Moran whose telephone number is 571-270- 
1255. The examiner can normally be reached on M-F: 7-30-5:00. 

If attempts to reach the examiner by telephone are unsuccessful, the examiner's 
supervisor, Kim Vu can be reached on 571-272-3859. The fax phone number for the 
organization where this application or proceeding is assigned is 571-273-8300. 

Information regarding the status of an application maybe obtained from the 
Patent Application Information Retrieval (PAIR) system. Status information for 
published applications maybe obtained from either Private PAIR or Public PAIR. 
Status information for unpublished applications is available through Private PAIR only. 
For more information about the PAIR system, see http://pair-direct.uspto.gov. Should 
you have questions on access to the Private PAIR system, contact the Electronic 
Business Center (EBC) at 866-217-9197 (toll-free). If you would like assistance from a 
USPTO Customer Service Representative or access to the automated i 
system, call 800-786-9199 (IN USA OR CANADA) or 571-272-1000. 




